From b06630091da35e29f7c752da2cbfba89a84bb6f9 Mon Sep 17 00:00:00 2001
From: Tom Eastep
Date: Thu, 17 Feb 2011 14:53:39 -0800
Subject: [PATCH] Make procedure to delete a chain plus references to it; make exclusion chains begin with '~'
---
 Shorewall/Perl/Shorewall/Chains.pm | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 054882513..6c4fd277d 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -731,6 +731,24 @@ sub delete_chain( $ ) {
 progress_message " Chain $chainref->{name} deleted";
 }
+#
+# This variety first deletes all references to the chain before deleting it.
+#
+sub delete_chain_and_references( $ ) {
+ my $chainref = shift;
+ #
+ # We're going to delete this chain but first, we must delete all references to it.
+ #
+ my $tableref = $chain_table{$chainref->{table}};
+ my $name1 = $chainref->{name};
+ for ( @{$chainref->{rules}} ) {
+ decrement_reference_count( $tableref->{$1}, $name1 ) if / -[jg] ([^\s]+)/;
+ }
+
+ delete_chain $chainref;
+}
+
+
 #
 # Insert a tunnel rule into the passed chain. Tunnel rules are inserted sequentially
 # at the beginning of the 'NEW' section.
@@ -896,15 +914,7 @@ sub copy_rules( $$ ) {
 unless ( --$chain1->{references}{$name2} ) {
 delete $chain1->{references}{$name2};
- unless ( keys %{$chain1->{references}} ) {
- my $tableref = $chain_table{$chain1->{table}};
- my $name1 = $chain1->{name};
- for ( @{$chain1->{rules}} ) {
- decrement_reference_count( $tableref->{$1}, $name1 ) if / -[jg] ([^\s]+)/;
- }
-
- delete_chain $chain1;
- }
+ delete_chain_and_references( $chain1 ) unless keys %{$chain1->{references}};
 }
 }
@@ -2095,7 +2105,7 @@ sub setup_zone_mss() {
 sub newexclusionchain() {
 my $seq = $chainseq++;
- "excl${seq}";
+ "~excl${seq}";
 }
 sub newlogchain() {
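Review bot: The header comment on `delete_chain_and_references` describes the opposite direction from what the loop does: the loop walks this chain's own rules and calls `decrement_reference_count` on each `-j`/`-g` target, so it releases the references this chain holds on other chains, not references to it. Nothing in the sub checks that `$chainref->{references}` is empty; the only caller in this patch (`copy_rules`) tests that first, but a later caller could delete a chain that is still a jump target and leave a dangling `-j` in the generated ruleset. I would reword the comment to `# Release this chain's references to the chains it jumps to, then delete it. The caller must ensure no other chain still references it.` Separately, `$tableref->{$1}` is undefined whenever the matched target is not a chain in that table (presumably built-in targets), so the loop relies on `decrement_reference_count` tolerating an undefined first argument; that sub is outside the hunk, so this is worth confirming.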
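Review bot: In `newexclusionchain` the new `~` prefix is not explained anywhere in the code, so the reason for the name format lives only in the commit subject. A one-line comment above the sub such as `# Exclusion chains are named '~excl<n>'; the leading '~' marks them as compiler-generated` would record the intent (the rationale is my inference, so adjust the wording to the real one). If any code outside this hunk recognises exclusion chains by matching the old `excl<n>` form, it would silently stop matching after this change; no such code is visible here, but a search for `excl` in the module would settle it.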